Privacy Awareness Week 2018 | Australia's evolving privacy regime

14.05.2018

National Privacy Awareness Week (PAW) is a great time to reflect on the recent significant changes in Australia’s privacy and data protection regime, which bring our legislation more in line with international standards. As a result, many Australian agencies and organisations are now subject to new compliance obligations under the notifiable data breaches (NDB) scheme and increased scrutiny.

Navigating these obligations, as well as the additional implications of the upcoming European General Data Protection Regulation (GDPR), is a must for any organisation seeking to manage the ongoing and complex privacy and data security issues faced by businesses today.

Australia's NDB scheme the first six weeks

2018 Privacy changes at a glance

Is my organisation affected?

You are affected by the NDB Scheme if your organisation

Must comply with the Australian Privacy Principles in the Privacy Act 1988

Is a credit provider or credit reporting body

Holds tax file numbers.

In addition, you are subject to GDPR if your Australian business

Has an establishment in the EU

Processes data of individuals in the EU in relation to offering goods and service

Profiles the behaviour of individuals in the EU such as online through websites/apps.

Is my organisation prepared?

Have a detailed privacy framework in place that includes a battle-tested data breach response plan, and ensure this is GDPR compliant where applicable.

You would benefit from an assessment of your current privacy framework if you are unsure of the answers to one or more of the questions below.

Help your organisation develop or update its information management and risk framework to manage, protect and enhance data through its full life cycle, as well as in relation to specific projects and campaigns. Includes due diligence, M&A activities, big data analytics and technological developments, NDAs and breach of confidence, developing cyber resilience and data security health checks.

Work with your organisation to develop a comprehensive data breach response plan (including cyber breaches), help allocate roles and responsibilities, and develop processes and checklists that will help you fulfil your obligations in the event of a data breach.

Ensure your staff are privacy aware through our e-learning courses focusing on privacy, the NDB scheme, and GDPR. Some courses have been specially tailored to apply to Queensland and Victorian government departments.